Junie
Monthly
Command execution in JetBrains Junie before version 252.549.29 allows local attackers to execute arbitrary commands by crafting malicious project files, requiring user interaction to open the file. The vulnerability affects all Junie versions prior to the patched release and exploits unsafe handling of project file content without proper sanitization.
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required. No vendor patch available.
Command execution in JetBrains Junie before version 252.549.29 allows local attackers to execute arbitrary commands by crafting malicious project files, requiring user interaction to open the file. The vulnerability affects all Junie versions prior to the patched release and exploits unsafe handling of project file content without proper sanitization.
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required. No vendor patch available.